Hitachi

JP1 Version 12 JP1/Network Node Manager i Setup Guide


10.4.6 Working with Certificates in Global Network Management Environments

During NNMi installation, the installation script creates a self-signed certificate for the NNMi management server. This certificate contains an alias that includes the fully-qualified domain name of the node. The installation script adds this self-signed certificate to the NNMi management server's nnm.keystore and nnm.truststore files.

Suppose you want your global network management configuration to model the following figure.

Figure 10‒6: Global network management

[Figure]

Complete the steps below to configure the global network management feature to use self-signed certificates based on the above figure.

  1. Change to the following directory on regional1 and regional2:

    • Windows: %NNM_DATA%\shared\nnm\certificates

    • Linux: $NNM_DATA/shared/nnm/certificates

  2. Copy the nnm.truststore files from the above locations on regional1 and regional2 to some temporary location on global1.

  3. Execute the following commands on global1 to merge the regional1 and regional2 certificates into global1's nnm.truststore file:

    nnmcertmerge.ovpl -truststore <regional1_nnm.truststore_location>
    nnmcertmerge.ovpl -truststore <regional2_nnm.truststore_location>
  4. Execute the following command sequence on global1:

    ovstop
    ovstart